Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/4E495D82C64711EC8CE67928C4F9AE02.roa
File: 4E495D82C64711EC8CE67928C4F9AE02.roa (raw, json)
Hash identifier: TXRRa3BDZUGJA8iFPTkCXuH175aZpbzAKcXVgz9DfDQ=
Subject key identifier: 0F:E1:C0:CB:02:54:23:1F:A4:D0:75:70:BA:61:6C:B1:37:F9:53:D7
Certificate issuer: /CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Certificate serial: 3976
Authority key identifier: 82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/4E495D82C64711EC8CE67928C4F9AE02.roa
Signing time: Thu 28 Apr 2022 03:30:10 +0000
ROA not before: Thu 28 Apr 2022 03:30:10 +0000
ROA not after: Fri 30 Sep 2022 00:00:00 +0000
asID: 3970
IP address blocks: 103.171.218.0/24 maxlen: 24
103.171.219.0/24 maxlen: 24
2001:df7:5380::/48 maxlen: 48
2001:df7:5381::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14710 (0x3976)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A001E/serialNumber=8278F47DEC5B7ADC201897F99BCC6E2BFA88D015
Validity
Not Before: Apr 28 03:30:10 2022 GMT
Not After : Sep 30 00:00:00 2022 GMT
Subject: CN=626a0a42-b93f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:93:97:b1:ff:da:4d:77:48:31:62:c8:42:23:
52:4e:2f:88:f0:18:b1:88:f5:e3:f5:c7:80:0e:d7:
bd:b8:62:33:9c:a0:a5:e0:d6:2f:c7:13:cc:6c:c0:
cd:d0:1b:07:91:c7:36:93:e6:70:a4:61:48:92:29:
9b:0d:fc:66:eb:5a:a7:f9:cf:00:3e:ce:30:58:54:
cd:d4:48:2d:da:62:89:05:f1:c8:92:98:48:87:19:
4d:0f:f4:51:ec:f0:6b:2d:f7:c6:32:dc:fb:1d:4b:
a2:4b:3d:05:d2:55:32:3a:26:8c:f0:81:c1:b3:a2:
f9:a8:da:22:ee:34:bb:91:67:5d:10:3d:db:4a:4f:
50:d7:4d:f3:88:3f:bb:53:47:0b:78:65:8b:3f:24:
1a:f8:ab:ee:1c:fd:50:cd:36:37:e4:6f:bb:88:16:
02:ba:93:b8:0f:69:62:12:e8:be:cf:1d:33:ab:eb:
97:4a:33:64:aa:22:2d:e9:e4:a8:f9:4e:94:94:6b:
07:03:6b:40:00:d1:10:aa:85:29:02:8f:2e:28:88:
75:2b:19:e7:37:51:70:7d:cb:e7:4a:14:36:da:54:
12:b1:8e:af:de:1e:54:ea:4c:a5:e6:29:0e:c1:50:
59:a7:dc:69:c7:b0:b8:72:ed:2b:b8:9c:95:30:00:
dd:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:E1:C0:CB:02:54:23:1F:A4:D0:75:70:BA:61:6C:B1:37:F9:53:D7
X509v3 Authority Key Identifier:
keyid:82:78:F4:7D:EC:5B:7A:DC:20:18:97:F9:9B:CC:6E:2B:FA:88:D0:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/gnj0fexbetwgGJf5m8xuK_qI0BU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnj0fexbetwgGJf5m8xuK_qI0BU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A001E/35FA0F561D7811E293771FC408B02CD2/4E495D82C64711EC8CE67928C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.218.0/23
IPv6:
2001:df7:5380::/47
Signature Algorithm: sha256WithRSAEncryption
b8:43:67:d0:38:85:e3:bd:7b:32:7a:7d:40:1d:f4:16:31:90:
25:17:8a:f7:f2:35:fa:db:74:7b:de:52:24:8d:5f:16:50:8f:
5b:16:1c:5c:81:e9:9f:e3:b2:c7:6a:46:45:6f:4d:8c:ef:9e:
3d:6d:d0:f9:2a:b4:b6:c7:b6:e5:01:05:fb:53:8a:26:58:c3:
8c:c6:60:0c:8b:4b:ff:b9:f9:20:fb:4a:20:e4:a4:c2:21:23:
29:07:42:78:c9:38:ac:10:99:b0:7f:6b:c4:e5:48:4d:40:5f:
8a:71:f3:1f:4b:c5:7f:4e:a6:83:2b:91:ff:3a:36:5a:da:52:
29:3e:08:43:cf:f4:82:92:19:49:76:f5:a4:00:28:05:dd:f4:
90:18:04:d8:fb:30:a8:77:ac:e4:23:fc:1b:70:c8:f4:73:85:
e4:08:9a:ed:be:c9:0b:55:de:18:6c:cf:b5:22:ce:45:2c:6a:
62:a4:84:5f:73:9b:a2:3a:e6:af:7d:c5:ff:c7:e1:60:49:9c:
5e:f3:55:a5:c2:dc:7a:61:95:df:5f:b4:0b:71:e7:20:4b:c5:
62:d7:45:fa:5c:bc:d9:03:66:b6:99:59:07:23:c9:3e:b0:1b:
66:5c:fd:73:da:87:9e:29:af:51:db:b3:34:c5:dd:54:c4:c7:
78:fb:12:0d
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICOXYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAwMUUxMTAvBgNVBAUTKDgyNzhGNDdERUM1QjdBREMyMDE4OTdGOTlCQ0M2RTJC
RkE4OEQwMTUwHhcNMjIwNDI4MDMzMDEwWhcNMjIwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjZhMGE0Mi1iOTNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtJOXsf/aTXdIMWLIQiNSTi+I8BixiPXj9ceADte9uGIznKCl4NYvxxPMbMDN
0BsHkcc2k+ZwpGFIkimbDfxm61qn+c8APs4wWFTN1Egt2mKJBfHIkphIhxlND/RR
7PBrLffGMtz7HUuiSz0F0lUyOiaM8IHBs6L5qNoi7jS7kWddED3bSk9Q103ziD+7
U0cLeGWLPyQa+KvuHP1QzTY35G+7iBYCupO4D2liEui+zx0zq+uXSjNkqiIt6eSo
+U6UlGsHA2tAANEQqoUpAo8uKIh1KxnnN1FwfcvnShQ22lQSsY6v3h5U6kyl5ikO
wVBZp9xpx7C4cu0ruJyVMADdIQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFA/hwMsC
VCMfpNB1cLphbLE3+VPXMB8GA1UdIwQYMBaAFIJ49H3sW3rcIBiX+ZvMbiv6iNAV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDAxRS8zNUZBMEY1NjFE
NzgxMUUyOTM3NzFGQzQwOEIwMkNEMi9nbmowZmV4YmV0d2dHSmY1bTh4dUtfcUkw
QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2duajBmZXhiZXR3Z0dKZjVtOHh1S19xSTBCVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAwMUUvMzVGQTBGNTYxRDc4MTFFMjkzNzcxRkM0MDhCMDJDRDIvNEU0OTVEODJD
NjQ3MTFFQzhDRTY3OTI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnq9owDwQCAAIwCQMHASABDfdTgDANBgkqhkiG9w0BAQsF
AAOCAQEAuENn0DiF4717Mnp9QB30FjGQJReK9/I1+tt0e95SJI1fFlCPWxYcXIHp
n+Oyx2pGRW9NjO+ePW3Q+Sq0tse25QEF+1OKJljDjMZgDItL/7n5IPtKIOSkwiEj
KQdCeMk4rBCZsH9rxOVITUBfinHzH0vFf06mgyuR/zo2WtpSKT4IQ8/0gpIZSXb1
pAAoBd30kBgE2PswqHes5CP8G3DI9HOF5Aia7b7JC1XeGGzPtSLORSxqYqSEX3Ob
ojrmr33F/8fhYEmcXvNVpcLcemGV31+0C3HnIEvFYtdF+ly82QNmtplZByPJPrAb
Zlz9c9qHnimvUduzNMXdVMTHePsSDQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:01 2023 by rpki-client on console-fra.rpki-client.org